rama::tls::rustls::dep::rustls::crypto::tls13

Trait Hkdf

pub trait Hkdf: Send + Sync {
    // Required methods
    fn extract_from_zero_ikm(
        &self,
        salt: Option<&[u8]>,
    ) -> Box<dyn HkdfExpander>;
    fn extract_from_secret(
        &self,
        salt: Option<&[u8]>,
        secret: &[u8],
    ) -> Box<dyn HkdfExpander>;
    fn expander_for_okm(&self, okm: &OkmBlock) -> Box<dyn HkdfExpander>;
    fn hmac_sign(&self, key: &OkmBlock, message: &[u8]) -> Tag;

    // Provided methods
    fn extract_from_kx_shared_secret(
        &self,
        salt: Option<&[u8]>,
        kx: Box<dyn ActiveKeyExchange>,
        peer_pub_key: &[u8],
    ) -> Result<Box<dyn HkdfExpander>, Error> { ... }
    fn fips(&self) -> bool { ... }
}
Expand description

A HKDF implementation oriented to the needs of TLS1.3.

See RFC5869 for the terminology used in this definition.

You can use HkdfUsingHmac which implements this trait on top of an implementation of hmac::Hmac.

Required Methods§

fn extract_from_zero_ikm(&self, salt: Option<&[u8]>) -> Box<dyn HkdfExpander>

HKDF-Extract(salt, 0_HashLen)

0_HashLen is a string of HashLen zero bytes.

A salt of None should be treated as a sequence of HashLen zero bytes.

fn extract_from_secret( &self, salt: Option<&[u8]>, secret: &[u8], ) -> Box<dyn HkdfExpander>

HKDF-Extract(salt, secret)

A salt of None should be treated as a sequence of HashLen zero bytes.

fn expander_for_okm(&self, okm: &OkmBlock) -> Box<dyn HkdfExpander>

Build a HkdfExpander using okm as the secret PRK.

fn hmac_sign(&self, key: &OkmBlock, message: &[u8]) -> Tag

Signs message using key viewed as a HMAC key.

This should use the same hash function as the HKDF functions in this trait.

See RFC2104 for the definition of HMAC.

Provided Methods§

fn extract_from_kx_shared_secret( &self, salt: Option<&[u8]>, kx: Box<dyn ActiveKeyExchange>, peer_pub_key: &[u8], ) -> Result<Box<dyn HkdfExpander>, Error>

HKDF-Extract(salt, shared_secret) where shared_secret is the result of a key exchange.

Custom implementations should complete the key exchange by calling kx.complete(peer_pub_key) and then using this as the input keying material to HKDF-Extract.

A salt of None should be treated as a sequence of HashLen zero bytes.

fn fips(&self) -> bool

Return true if this is backed by a FIPS-approved implementation.

Implementors§

§

impl Hkdf for HkdfUsingHmac<'_>